1 files changed, 0 insertions, 36 deletions

diff --git a/package/kernel/ksmbd/patches/10-ksmbd-check-nt_len-to-be-at-least-CIFS_ENCPWD_SIZE-i.patch b/package/kernel/ksmbd/patches/10-ksmbd-check-nt_len-to-be-at-least-CIFS_ENCPWD_SIZE-i.patch
deleted file mode 100644
index 198e752106..0000000000
--- a/package/kernel/ksmbd/patches/10-ksmbd-check-nt_len-to-be-at-least-CIFS_ENCPWD_SIZE-i.patch
+++ /dev/null
@@ -1,36 +0,0 @@
-From 8824b7af409f51f1316e92e9887c2fd48c0b26d6 Mon Sep 17 00:00:00 2001
-From: William Liu <will@willsroot.io>
-Date: Fri, 30 Dec 2022 09:13:35 +0900
-Subject: ksmbd: check nt_len to be at least CIFS_ENCPWD_SIZE in
- ksmbd_decode_ntlmssp_auth_blob
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-"nt_len - CIFS_ENCPWD_SIZE" is passed directly from
-ksmbd_decode_ntlmssp_auth_blob to ksmbd_auth_ntlmv2. Malicious requests
-can set nt_len to less than CIFS_ENCPWD_SIZE, which results in a negative
-number (or large unsigned value) used for a subsequent memcpy in
-ksmbd_auth_ntlvm2 and can cause a panic.
-
-Fixes: e2f3448 ("cifsd: add server-side procedures for SMB3")
-Cc: stable@vger.kernel.org
-Signed-off-by: William Liu <will@willsroot.io>
-Signed-off-by: Hrvoje Mišetić <misetichrvoje@gmail.com>
-Signed-off-by: Namjae Jeon <linkinjeon@kernel.org>
----
- auth.c | 3 ++-
- 1 file changed, 2 insertions(+), 1 deletion(-)
-
---- a/auth.c
-+++ b/auth.c
-@@ -583,7 +583,8 @@ int ksmbd_decode_ntlmssp_auth_blob(struc
- 	dn_off = le32_to_cpu(authblob->DomainName.BufferOffset);
- 	dn_len = le16_to_cpu(authblob->DomainName.Length);
- 
--	if (blob_len < (u64)dn_off + dn_len || blob_len < (u64)nt_off + nt_len)
-+	if (blob_len < (u64)dn_off + dn_len || blob_len < (u64)nt_off + nt_len ||
-+	    nt_len < CIFS_ENCPWD_SIZE)
- 		return -EINVAL;
- 
- #ifdef CONFIG_SMB_INSECURE_SERVER